We have a 5510 with a public IP address A and a private IP range behind if of Z.Y.Y.0/24, it also has a default route out to 188.8.131.52
We also have a 1841 with a public IP address of B and a private ip range behind it of Z.0.0.0/8, it's default route is 184.108.40.206
We tried to move the public IP of the 1841 on to the ASA 5510 and do Dynamic NAT (which I believe is the equivalent of NAT overload?) and it didn't work.
Of course we couldn't add a new default route on the 5510 but that shouldn't matter as both ranges are served from our ISP via the same VLAN.
In the logs we kept getting 'portmap translation failed for'.. error messages.
When doing the Packet Tracer Wizard from the ASDM it kept failing on the 'dynamic translation to pool 5 (No matching global)'
However when looking in a 'sh nat' we did see a global but it was below the 'dynamic translation to pool 5 (No matching global)' line in the sh nat, so I'm guessing it was hitting that line before hitting the correct dynamic translation line.
Re: ASA 5510 with nat overload on second public IP?
You need to have your isp route that other subnet to the public address of the asa, if it is indeed on the same switch vlan from your isp, you should only need one outside interface, in your config you are defining two interfaces, if you route the new subnet to the asa you can do a "global (outside) 5 x.x.x.x" with other address.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...